classicupgrade and sysvol acls
Andrew Bartlett
abartlet at samba.org
Fri Aug 24 03:16:48 MDT 2012
On Fri, 2012-08-24 at 11:46 +0400, Sergey Urushkin wrote:
> Hi.
> Just tried classicupgrade with latest master and got this:
>
> ...
> Setting up sam.ldb data
> Setting up well known security principals
> Setting up sam.ldb users and groups
> Setting up self join
> set_nt_acl_no_snum: fset_nt_acl returned NT_STATUS_INVALID_OWNER.
> ERROR(runtime): uncaught exception - (-1073741734,
> 'NT_STATUS_INVALID_OWNER')
We need to work out what the invalid owner is, and why it is invalid.
I'm guessing is may be to do with a imported ID being fixed as a group
when we need it to be IDMAP_BOTH, but that's just a first guess.
I'll start by pushing more information into that error message.
> Clean provision works fine. Sysvol acls after this error seem to be the
> same as after a clean provision:
>
> # getfacl /usr/local/samba/var/locks/sysvol
> getfacl: Removing leading '/' from absolute path names
> # file: usr/local/samba/var/locks/sysvol
> # owner: 500
> # group: 544
> user::rwx
> user:500:rwx
> group::rwx
> group:544:rwx
> group:549:r-x
> group:3000006:r-x
> group:3000008:rwx
> mask::rwx
> other::---
As the ACLs are not removed by anything (only overwritten - if anybody
can give me the C code to remove a posix ACL I would be most grateful)
this isn't a good guide.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list